Security & Confidentiality
How we protect your closing documents — built for the compliance standards your firm operates under.
Closing documents deserve more than email attachments.
Loan packages contain Non-public Personal Information — Social Security numbers, account numbers, government IDs, and financial disclosures. Most independent notaries handle these documents through email attachments, generic file-sharing links, or unencrypted text messages. LUX Notary Kafe’ was built differently. Every document moves through a dedicated, encrypted client portal designed around five security pillars.
Five Security Pillars
Every document, every closing, every time.
Bank-Grade Encryption at Rest
Every document uploaded to our portal is encrypted with AES-256-GCM — the same standard used by financial institutions and government agencies — before it ever touches our storage.
Encrypted in Transit
All uploads and downloads use TLS 1.3, the latest transport security standard, with HTTPS enforced sitewide. Documents are never sent over an unencrypted connection.
Single-Use, Expiring Access Codes
Each closing receives its own access code with a defined expiration. Codes cannot be reused after upload, and old codes go inactive automatically — no shared logins, no password reuse.
Two-Factor Authentication on Notary Access
The notary's access to retrieve documents is protected by TOTP-based two-factor authentication. Knowing a password is not enough — physical access to the registered authenticator is required.
Automatic 30-Day Document Purge
Documents are automatically and irreversibly deleted 30 days after upload. We minimize long-term data exposure by design — your borrower's information doesn't sit on a server indefinitely.
Built for the Standards You Already Follow
For title companies, lenders, and law firms — your vendor security review starts here.
ALTA Best Practices Pillar 3
Title insurance underwriters require their settlement service providers to maintain a written information security program protecting Non-public Personal Information (NPI). LUX's portal architecture is designed to fit cleanly into your Pillar 3 vendor security review.
GLBA Safeguards Rule
Lenders must ensure third parties handling customer financial information apply administrative, technical, and physical safeguards. Encryption at rest, encryption in transit, access controls, and data retention limits are central to the FTC's Safeguards Rule — and central to how we built this portal.
Data Stays in the U.S.
Encrypted documents are stored on a persistent volume in a U.S.-based data center (Fly.io, primary region: US East). We do not use third-party cloud sharing services, email attachments, or consumer file-sharing tools to handle client documents.
From Upload to Auto-Delete
The path every document takes through the LUX portal.
- 1
Access code issued
Your signing agent generates a unique, single-use code tied to a specific closing and expiration date. The code is sent to the client through a private channel.
- 2
Client enters the portal
The client visits luxnotarykafe.com/portal, enters the code, and is granted access only to the upload form for their specific signing.
- 3
Documents encrypted in transit
Files are uploaded over TLS 1.3. The connection is authenticated, encrypted, and integrity-verified end-to-end.
- 4
Encrypted at rest
On arrival, each file is encrypted with AES-256-GCM using a per-file initialization vector, then written to a U.S.-based persistent volume. Plaintext never touches storage.
- 5
Notary retrieves with 2FA
The signing agent unlocks documents for review using a password plus a TOTP code generated by their authenticator app — never just one factor.
- 6
30-day automatic purge
Encrypted files and their metadata are permanently deleted on a recurring schedule. After 30 days, the document no longer exists in our system.
Conducting a vendor security review?
Compliance officers and operations managers are welcome to share this page directly with their security and legal teams. For additional documentation or to request a written response to your vendor security questionnaire, contact us — we’re glad to support your review process.
Working with a title company?
Ask about our dedicated signing partner program. Reliable closings, every time.